mirrors/sops-nix
1
0
Fork 0
mirror of https://github.com/Mic92/sops-nix.git synced 2024-12-15 17:50:51 +00:00
Code Activity
666 commits 14 branches 1 tag 2.8 MiB
Commit graph

122 commits

Author SHA1 Message Date
Shyim
1b7b3a32d6 Update pkgs/sops-install-secrets/darwin.go 
Co-authored-by: Leo Pang <34628052+allthatjazzleo@users.noreply.github.com>
 2023-08-22 19:24:38 +01:00
Shyim
fce0c8ce93 fix: add missing argument for MountSecretFs on darwin 2023-08-22 19:24:38 +01:00
Mic92
339a559402 Add configuration option to use tmpfs in place of ramfs (#355) 
allow use of tmpfs via option configuration

* Tabs vs Spaces

* Update modules/sops/default.nix

* Update modules/sops/default.nix
 2023-08-12 09:45:08 +01:00
Jörg Thalheim
62a7c95c8c vendorHash: make it overridable 2023-07-15 06:49:20 +00:00
Roman Gonzalez
2ff6973350 fix(darwin): RuntimeDir trailing slash 
In later versions of macOS (e.g. Ventura), the command used to get a
runtime directory (e.g. `getconf DARWIN_USER_TEMP_DIR`) returns a
trailing slash.

When using a configuration like:

```
sops.defaultSecretsMountPoint = "%r/secrets.d";
```

The final path is going to contain a double slash in the suffix of the
path, an example:

```
/var/<random>/<hash>//secrets.d
```

This commit ensures that the runtime dir will get the trailing '/'
character removed.
 2023-06-22 01:49:29 +00:00
Roman Gonzalez
4ce3cc3428 fix(darwin): use chown only on non user mode 
On the latest version of macOS (Ventura 13.4 as of this date), this
change ownership will always fail with the error:

> Failed to mount filesystem for secrets: Cannot change owner/group of '.../secrets.d' to 0/0: chown .../secrets.d: operation not permitted
 2023-06-22 01:49:29 +00:00
Jörg Thalheim
2e77ca66d8
Merge pull request #326 from Mic92/deprecation-stuff 
fix makeSetupHook deprecations
 2023-05-08 05:58:13 +01:00
Jörg Thalheim
b84b3177a1 fix makeSetupHook's also for older nixos release 2023-05-08 06:48:56 +02:00
mlatus
4de4d820ba fix scope in sops.templates; add relevant test 2023-04-18 12:47:12 +08:00
mlatus
bae4d46397 add test for sops.templates 2023-03-23 23:06:04 +08:00
Tomas Zaluckij
bea992ff5e
fix makeSetupHook deprecations 2023-03-17 21:03:25 +00:00
Jörg Thalheim
4e50640bac go: drop deprecated ioutil 2023-02-28 09:44:31 +01:00
Pogobanane
716ccf8147 sops-install-secrets: disable unittest for darwin 
because $unittest is undefined on darwin and breaks the build/test
 2023-02-02 12:07:00 +01:00
Pogobanane
466d039190 darwin/home-manager: %r dir 2023-02-02 12:07:00 +01:00
Pogobanane
98834d958b darwin: impl MountSecretFs 2023-02-02 12:07:00 +01:00
Pogobanane
58ceff1f7b darwin: workaround missing user 2023-02-02 12:07:00 +01:00
Pogobanane
e6ccc740d8 darwin: impl SecureSymlinkChown 2023-02-02 12:07:00 +01:00
Pogobanane
783af739d2 fix go tests for darwin 2023-02-02 12:07:00 +01:00
Pogobanane
4f3d45c058 go files for darwin 
fixup
 2023-02-02 11:38:33 +01:00
Janne Heß
7f38c98162 More review fixups 2023-02-02 11:38:03 +01:00
Janne Heß
3afa9ca553 Fixup review comments 2023-02-02 11:38:03 +01:00
Janne Heß
acaf36a1bf Implement home-manager support 
Closes #62
Closes #163
 2023-02-02 11:38:03 +01:00
Jörg Thalheim
f234b0c865
TestIsValidFormat: don't use deprecated golang function 2023-02-01 22:08:03 +01:00
Jörg Thalheim
415302126e
Merge pull request #262 from lucasew/feat/type-dotenv 
format type: add dotenv and ini
 2023-02-01 21:54:15 +01:00
Nick Cao
a88f9dd22d
Fix build of sops-install-secrets after https://github.com/NixOS/nixpkgs/pull/212800 2023-02-01 13:16:38 +08:00
lucasew
eb09a61dc9 format type: add dotenv and ini 
Signed-off-by: lucasew <lucas59356@gmail.com>
 2023-01-17 10:55:52 -03:00
Jörg Kütemeier
7e0e679050
Update pkgs/sops-init-gpg-key/sops-init-gpg-key 
Co-authored-by: Jörg Thalheim <Mic92@users.noreply.github.com>
 2023-01-11 10:00:33 +01:00
Jörg Kütemeier
0ef86b61ee
Update pkgs/sops-init-gpg-key/sops-init-gpg-key 
Co-authored-by: Jörg Thalheim <Mic92@users.noreply.github.com>
 2023-01-11 10:00:25 +01:00
Jörg Kütemeier
965743c678
Add optional generation of Curve25519 type GPG keys 2023-01-05 22:51:58 +01:00
Sandro
a7a614f429
Remove unused code 2022-11-02 17:09:40 +01:00
Jörg Thalheim
9a381e3b2d no longer use out-dated aliases 2022-09-26 16:28:23 +02:00
Janne Heß
f0dddc1486
Fix lookup of users/groups in dry activation 
This fails otherwise as the users snippet was not executed and the
user/group does not exist.

Closes #222
 2022-08-25 16:14:10 +02:00
Jörg Thalheim
2c898a6d76
Merge pull request #205 from Mic92/fix/test-indentation 
Fix test indentation once and for all
 2022-07-10 19:28:03 +02:00
Janne Heß
8f8e4e7cdd
Fix test indentation once and for all 2022-07-09 00:07:09 +02:00
Janne Heß
cb4c79633d
Also print imported age keys 2022-07-09 00:04:54 +02:00
Janne Heß
a94c4a7d40
Remove the 21.11 version 2022-07-04 20:23:46 +02:00
Jörg Thalheim
5d69dafb8d
no longer use deprecated .machine attribute in nixos tests 2022-05-25 08:55:27 +02:00
Jörg Thalheim
150afcb240
move all nix expressions to pkgs 2022-05-15 08:19:33 +02:00
Janne Heß
5e2f743edd
Re-add service restarts 
We also have service reloads now, so add them as well
 2022-03-14 17:30:56 +01:00
Janne Heß
8677dd6909
Replace separator for nested keys for consistency 2021-11-29 12:20:25 +01:00
Janne Heß
23259ded2c Remove restart logic from README and test 
The required code in nixpkgs was reverted so we should not advertise a
feature that does not work. We can revert this commit if the feature is
re-merged into 22.05 with the proper version in it.
 2021-11-29 10:24:45 +01:00
Janne Heß
edb3913e10
Remove debug text 2021-11-23 22:32:41 +01:00
Janne Heß
bac2a891b7
Fix user passwords disappearing 
Also add a test case for this.
Closes #137
 2021-11-13 14:17:51 +01:00
Janne Heß
af29ac4d84
Prune old secrets generations 
Closes #128
 2021-11-09 23:17:55 +01:00
Janne Heß
bac08f6919
Allow setting user passwords 2021-11-07 13:53:16 +01:00
Janne Heß
79706f6748
Fix secrets mount point and remove default 2021-11-07 13:00:05 +01:00
Janne Heß
9683d128bd
Add support for restarting/reloading units 2021-11-07 12:37:57 +01:00
Janne Heß
2b9a0815ca
Implement nested secrets 2021-09-30 21:49:47 +02:00
Jörg Thalheim
c5e0f55d8d nixos-tests: fix identations 2021-09-30 21:09:26 +02:00
Janne Heß
4cebc08062
Fix age key generation and test it 2021-09-30 15:28:39 +02:00